Columbus, Ohio Metropolitan Area
PROFESSIONAL SUMMARY Cyber Security Analyst and experienced IT professional with a well-built background in information security, network security, endpoint security, threat analysis, malware analysis, phishing investigation, and incident response. Skilled in mitigating risks, remediation, and securing networks against cyber attacks, specializing in SIEM, SOAR, EDR, and email security platforms. Dedicated to staying up-to-date with the latest industry trends, with a detail-oriented perspective to ensure that all security events are analyzed and addressed, deadline-driven to work effectively in a fast-paced environment managing time and prioritizing competing demands. Exceptional problem-solving, strong attention to detail, and analytical thinking skills combined with effective communication and collaboration abilities. SKILLS Tools: Splunk ES, IBM QRadar, Revelstoke, SentinelOne, CrowdStrike Falcon, Proofpoint, Jira, Nessus, Tenable.io, Acunetix, NetSparker Frameworks & Compliance: Cyber Kill Chain, MITRE ATT&CK, SANS, NIST, HIPAA, PCI DSS, GDPR, OWASP Certifications: CompTIA Security+, Cisco Network Security, Cisco Networking Essentials, Cisco Cybersecurity Essentials, Armis Cyber Defense Core, Google IT Support Languages & Other: Powershell, Python, SPL, Linux CL, Active Directory, Google Workspace, Microsoft Office Suite, Windows OS, Mac O
•Investigated and responded to security incidents across diverse client environments using Microsoft Sentinel, CrowdStrike, Microsoft Defender, Cortex XSOAR, Cortex XSIAM, Cortex XDR, and Dropzone AI. • Conducted threat triage, analysis, containment, and escalation activities while maintaining compliance with strict SLA requirements. •Reduced risk exposure by accurately identifying and validating genuine security threats while minimizing false-positive investigations. •Maintained comprehensive incident records through ServiceNow, delivering timely client communications, detailed reporting, and effective case management. •Contributed to continuous SOC improvement by refining operational processes, enhancing documentation, and staying current on emerging cyber threats and defensive strategies.
• Investigated, triaged, and prioritized high-volume SIEM alerts in Splunk and Google Chronicle across 30+ client environments as part of 24/7 SOC operations, correlating endpoint, network, identity, cloud, and email telemetry to validate detections, contributing to a 15% reduction in MTTR while maintaining 97% SLA compliance. • Conducted endpoint and behavioral analysis using SentinelOne, CrowdStrike Falcon, Microsoft Defender, and Carbon Black, examining process trees, command-line activity, parent-child relationships, persistence techniques, and file reputation to support detection validation. • Triaged and analyzed phishing and BEC activity with Cofense Triage, reviewing headers, URLs, and attachments to identify malicious campaigns and drive remediation through blocking, mitigation, and customer guidance. • Supported proactive threat hunting and customer-reported incident response, performing root cause analysis, scoping impacted hosts and users, identifying IOCs/TTPs aligned to MITRE ATT&CK, and assisting with containment and eradication. • Collaborated with security engineering teams to resolve detection logic issues, misconfigurations, and log parsing errors, creating and tracking SIEM tuning tickets to improve alert accuracy and SOC efficiency.
• Monitored and triaged security alerts in a 24/7 SOC using Splunk and IBM QRadar SIEM, identifying suspicious activity, validating incidents, and escalating confirmed threats to Tier 2 analysts. • Analyzed endpoint telemetry with CrowdStrike Falcon and SentinelOne, reviewing process activity, malware alerts, and suspicious behavior to distinguish false positives from actionable threats. • Investigated phishing, malware, and BEC emails via Proofpoint TAP, examining headers, URLs, attachments, and sender infrastructure, and escalated incidents with remediation guidance. • Maintained and improved SOC workflows, including playbooks, alert rules, dashboards, and reports, enhancing monitoring efficiency and ensuring consistent incident documentation. • Conducted routine vulnerability scanning with Nessus, identifying security gaps, reporting findings to SOC and security engineering teams, and supporting remediation recommendations. • Logged and tracked incidents in IBM SOAR and Jira, documenting alerts, escalation steps, timelines, and recommended next actions for Tier 2 follow-up
• Spearheaded troubleshooting, maintenance, and administration of 20+ network devices and 700+ endpoints, including switches, access points, firewalls, Windows servers, domain controllers, laptops, desktops, printers, and cameras. • Managed, configured, and maintained Active Directory and Google Workspace, performing user/group account management, access control, group policy enforcement, and email provisioning. • Delivered IT operational services, including software deployment, patch management, vulnerability scanning, and endpoint/device reimaging to ensure system stability, security, and performance. • Coordinated with technology vendors and service providers, procuring hardware, software, and support services while ensuring IT infrastructure met organizational requirements and standards. • Collaborated with internal teams to align IT operations with business needs, improving workflows, end-user productivity, and overall operational efficiency.
• Delivered computer science, engineering, and digital citizenship instruction to students across multiple grade levels, fostering digital literacy and STEM skills. • Provided technology support to administrators, staff, and students, troubleshooting hardware and software issues with a customer-focused approach.